NAME

       nng_tls_config_ca_file - load certificate authority from file

SYNOPSIS

           #include <nng/nng.h>
           #include <nng/supplemental/tls/tls.h>

           int nng_tls_config_ca_file(nng_tls_config *cfg, const char *path);

DESCRIPTION

       The nng_tls_config_ca_file() function configures the certificate authority certificate chain and optional
       revocation list by loading the certificates (and revocation list if present) from a single named file.
       The file must at least one X.509 certificate in PEM <https://tools.ietf.org/html/rfc7468> format, and may
       contain multiple such certificates, as well as zero or more PEM CRL objects. This information is used to
       validate certificates that are presented by peers, when using the configuration cfg.

           Note

           Certificates must be configured when using the authentication mode NNG_TLS_AUTH_MODE_REQUIRED.

           Tip

           This function may be called multiple times, to add additional chains to a configuration, without
           affecting those added previously.

RETURN VALUES

       This function returns 0 on success, and non-zero otherwise.

ERRORS

       NNG_ENOMEM
           Insufficient memory is available.

       NNG_EBUSY
           The configuration cfg is already in use, and cannot be modified.

       NNG_EINVAL
           The contents of path are invalid or do not contain a valid PEM certificate.

       NNG_ENOENT
           The file path does not exist.

       NNG_EPERM
           The file path is not readable.

SEE ALSO

       nng_strerror(3), nng_tls_config_alloc(3tls), nng_tls_config_auth_mode(3tls),
       nng_tls_config_ca_chain(3tls), nng(7)

                                                   2025-04-20                       NNG_TLS_CONFIG_CA_FILE(3tls)